Account Reviews cannot be completed and 'ORA-00904: "CACHE_"."COMP_RES_CASxx": invalid identifier' errors are generated in RSA Identity Governance & Lifecycle
2 years ago
Originally Published: 2020-01-28
Article Number
000043741
Applies To
RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.1.0, 7.1.1
 
Issue
Account reviews in RSA Identity Governance & Lifecycle cannot be completed. (Reviews > Results > {Account Review Result Name} > Review items > {pick a tab} > {show all items}).

Examples:
  • Account reviews show accounts as having entitlements but when you maintain the item, the review says the account has no entitlements. Further errors occur if you attempt to maintain the account using a bulk action and the account review cannot be completed.
  • Account reviews show accounts as having entitlements but when you maintain/revoke unreviewed items using either a review escalation node or web services, items remain unreviewed.
 The aveksaServer.log file ($AVEKSA_HOME/wildfly/standalone/log/aveksaServer.log) has one or more of the following errors:
  
ORA-00904: "CACHE_"."COMP_RES_CAS11": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS12": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS13": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS14": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS15": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS16": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS17": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS18": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS19": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS20": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS21": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS22": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS23": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS24": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS25": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS26": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS27": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS28": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS29": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS30": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS31": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS32": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS33": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS34": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS35": invalid identifier
ORA-00904: "CACHE_"."COMP_RES_CAS36": invalid identifier

Please refer to RSA Knowledge Base Article 000030327 -- Artifacts to gather in RSA Identity Governance & Lifecycle to find the location of the aveksaServer.log for your specific deployment if you are on a WildFly cluster or a non-WildFly platform.

  The example below illustrates this issue:
  1. In the RSA Identity Governance & Lifecycle user interface go to Reviews > Results > {Account Review Result Name} > Review items > {pick a tab} > {show all items}.
  2. Choose Maintain for any account.
  3. Note in the example below there are three entitlements associated with the account but once the Maintain button is toggled, the review says:
There are no entitlements in this account.
 
User-added image
 
  1. If you attempt to bulk maintain this review item, the below error occurs:
The request could not be handled.

 
User-added image
 
  1. If you click OK and OK again, this error occurs:
Error - java.lang.NullPointerException
 
 
User-added image

 
Cause
The significant error that indicates the problem cause is:
  
ORA-00904: "CACHE_"."COMP_RES_CASxx": invalid identifier

Starting in RSA Identity Governance & Lifecycle 7.1.0 P05, new custom attributes for business sources were added. These attributes are defined with data types CAS11 through CAS35 and are added by going to Admin > Attributes > Business Source tab > Edit > Add Attribute. The problem occurs because the feature to add the additional business source attributes was not completed and does not populate the new attributes into all the appropriate places.

This is a known issue reported in engineering tickets ACM-99694, ACM-102953, ACM-102551 and ACM-103658.
 
Resolution
This issue is resolved in RSA Identity Governance & Lifecycle 7.2. The fix prevents this problem from occurring but if the problem has already occurred, the workaround is necessary.

Resolution steps:
  1. Upgrade to RSA Identity Governance & Lifecycle 7.2.0. A fix will NOT be back-ported for 7.1.x.
  2. If you have any business source custom attributes that use data types CAS11 through CAS35, apply the workaround below.
Workaround
Remove all business source custom attributes that have been defined using data types CAS11 through CAS35.

Please contact RSA Identity Governance & Lifecycle Support for the steps needed to remove these custom attributes and mention this RSA Knowledge Base Article ID 000038391 for reference.
 

Related Articles

Trending Articles

Don't see what you're looking for?